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REMARKS 

In the specification, page 17, line 5 has been amended to correct a minor 
typographical error as requested by the examiner. 

Claims 6-71 remain pending in this application. 

The examiner has acknowledged that claims 19 - 30 and 52 - 62 are directed to 
allowable subject matter. 

Applicants respectfully request the reconsideration of the rejection of claims 6-8, 15, 
18, 31-33, 42-44, 48, 51, 63-64, 70, and 71. 

Rejection of Claims 31-33, 63, and 64 under 35 U.S.C. § 102(e) 

Claims 31-33, 63, and 64 have been rejected under 35 U.S.C. § 102(e) as being 
unpatentable over Todd. This rejection is respectfully traversed. 

The independent claims 31 and 63 recite a method and system, respectively, for 
accessing a Web site and scanning it for security vulnerabilities. Claim 3 1 recites the step of 
"parsing through the default Web page to identify any linked-to Web pages or objects which 
are included in the default Web page." Claim 63 recites a processor to "parse through the 
default Web page to identify any linked-to Web pages or objects which are included in the 
default Web pages." For shorthand purposes, these features will be referred to below as the 
parsing function. It will be appreciated that the default Web page referred to in the claims is 
the initial or introductory page for the Web site that is to be evaluated and assessed for 
vulnerabilities. The parsing function, therefore, searches for any links to additional Web 
pages included in the initial page. 
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The rejection relies on the teaching of Todd with respect to allowing a user to select 
from multiple security assessment options that may be linked from an initial Web page. In 
Todd, the user is one who would like to assess the vulnerability of the user's own Web site. 
To do so, the user goes to an initial Web site defined in Todd as the "seller" site. Other 
hypertext pages may be linked from this site for the user to access. These additional sites 
include the types of security assessments that the user may select to have performed on the 
user's site as described in Todd, col. 6, lines 15-25 (the lines to which the Examiner refers). 
Thus, Todd is specifically concerned with a user manually selecting hypertext links from an 
initial page to choose a security assessment method. 

35 U.S. C. 102(e) provides that an invention is unpatentable when: 

the invention was described in (1) an application for patent, published 
under section 122(b), by another filed in the United States before the 
invention by the applicant for patent or (2) a patent granted on an 
application for patent by another filed in the United States before the 
invention by the applicant for patent 

It is respectfully submitted that the Todd patent does not describe the present invention as 
required by 102(e). As indicated above, the claimed parsing function concerns checking the 
initial Web page of a target site to be assessed for linked and hidden Web pages. These other 
pages and objects are stored so that the assessing method and system can determine if any 
vulnerabilities lie therein. Therefore, the claimed parsing function operates on the Web site 
to be assessed and tested. 

In contrast, the Todd patent describes a method wherein the owner of a Web site to be 
assessed accesses a second Web site (the "seller" Web site defined in Todd) to choose which 
assessment technique is appropriate. Several layers of Web pages may be involved. 
However, the present invention, as claimed, concerns operation on a target Web site to be 
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assessed, and provides for determining how many Web pages are linked with the main page 
in order to test for vulnerabilities and security flaws at each of the Web pages. It is 
respectfully submitted that the rejection based on Todd under 35 USC 102(e) is, therefore, 
inappropriate and should be withdrawn. 

Dependent claims 32 and 33 each depend from independent claim 31 and are 
patentable for at least the reasons set forth in support of the patentability of claim 1 . Further, 
with respect to dependent claim 33, which was also rejected as being anticipated by Todd 
based on column 6, lines 15-25, this claim further recites parsing of each linked Web page 
for other linked pages and objects. Again, the process operates on the target site and is not 
the site where the user selects the particular security assessment to be performed. Thus, it is 
respectfully submitted that claim 33 is separately patentable. 

Dependent claim 64 depends from independent system claim 63 and thus is 
patentable for at least this reason. In addition, the more limited parsing function defined in 
claim 64 (as in claim 33) applies to the target Web site and thus claim 64 is patentable for 
this reason as well. 

B. Rejection of Claims 6-8, 15, 18 42-44, 48, 51, 70, & 71 under 35 U.S.C. § 
103(a) 

Claims 6-8, 15, 18, 42-44, 48, 51, 70, and 71 have been rejected under 35 U.S.C. § 
103(a) as being unpatentable over Todd and further in view of U.S. patent application 
publication 2002/0023059 to Bari. This rejection is respectfully traversed. 

Independent claims 6 and 42 also recite the "parsing function" discussed above and, 
because Bari is not relied on as teaching this feature and does not teach this feature, claims 6 
and 42 are patentable for at least this reason. 
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Dependent claims 7, 8, 15, 18, 43, 44, 48, 51, 70, and 71 each depend from the above 
independent claims and are allowable for at least this reason. 

Conclusion 

It is respectfully urged that the instant application is in condition for allowance. 
However, if the Examiner believes that there are unresolved issues, the Examiner is 
respectfully invited to contact the undersigned to discuss the issues. 



Date: September 29, 2005 




/: Ross F. Hunt, Jr. 
Registration No.: 24,082 
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